Use this guide to quickly set up delivery of audit logs from Akamai Cloud services to your chosen destination. This guide focuses on Cloud Manager. For a similar workflow using the API, see Configure audit log delivery.

Before you begin

Before creating a configuration audit log stream, make sure you have:

• The required authentication and access permissions for managing streams and destinations
• The configuration details for your destination (Object Storage or Custom HTTPS endpoint)

Step 1: Prepare your destination

Before creating a stream, make sure your Object Storage or Custom HTTPS destination is set up and ready to receive logs.

Object Storage bucket

To ensure logs stay secure and tamper-resistant, configure your bucket in a way that prevents accidental changes, unauthorized access, or early deletion. This includes:

• Creating a bucket for storing logs with Object Lock enabled to prevent deletion or overwriting before the retention period ends
• Configuring appropriate retention settings
• Generating access keys with permission to write to the bucket

📘

Object Lock must be enabled when the bucket is created. Object Lock is currently only supported using the S3 APIs. It's not supported through the Linode API or in Cloud Manager.

For guidance, see Protect logs in Object Storage.

Custom HTTPS endpoint

To deliver logs to a custom HTTPS destination, ensure your endpoint is set up and ready to receive log data. You'll need to:

• Provide a valid HTTPS endpoint that can accept incoming log data
• Ensure the endpoint is accessible from the log delivery service
• Provide the required connection details

📘

Use Akamai CDN IP address lists for ACL configuration

If your destination is protected by a firewall or IP-based access control list (ACL), configure it using the same IP address lists as origin IP access lists for the Akamai CDN.

Step 2: Create a log stream

To start delivering logs, create a log stream. The stream defines where logs should be sent.

To create a stream in Cloud Manager:

1. Log in to Cloud Manager, expand Monitor in the main menu, and select Logs.

2. On the Streams tab, click Create Stream.

3. Enter a name for your stream.

4. Select the stream type Audit logs.

5. Select the destination type: Object Storage or Custom HTTPS.

6. Type a unique name for your destination. This will create a new destination.

   📘

   Use an existing destination

   You can create a destination before creating a log stream on the Destinations page. If you've already created a destination, enter it's name—the destination details are automatically populated.

7. Enter the destination details.

   • Object Storage bucket:

     • Endpoint associated with your bucket's region
     • Name of the bucket
     • Prefix used to organize log files within the bucket
     • Access key ID used for authentication
     • Secret access key used with the access key ID

   • Custom HTTPS endpoint:

     • Endpoint (HTTPS URL) to receive log data
     • Authentication type used for requests: None, which requires no authentication, or Basic, which requires a username and password
     • (optional) Content type that defines the format and character encoding of the delivered log data
     • (optional) Custom HTTPS Headers. included with each request, including name and value
     • (optional) TLS certificate information

   See Log destinations for more information about these fields.

8. Review your configuration details to ensure everything is correct. You can also test your set up by clicking Test Connection in the right pane.

9. Click Create Stream.

Step 4: Verify log delivery

After creating your stream, confirm that logs are being delivered to your destination.

• Check your stream's status on the Streams tab of the Logs page in Cloud Manager. A stream's status changes from Provisioning to Active once provisioning is complete.
• Allow up to 45 minutes for logs to begin arriving at the destination.
• Once logs are being delivered, confirm the log format and data are correct.